Re: [squid-users] Re: secure authentication on squid

From: Graeme Wood <Graeme.Wood@dont-contact.us>
Date: Thu, 21 Nov 2002 10:35:10 +0000 (GMT)

On 20 Nov 2002, Henrik Nordstrom wrote:

> ons 2002-11-20 klockan 16.17 skrev Hegedus, Ervin:
>
> > > I may be wrong, but maybe you can try to use digest
> > > password auth. That way, the password is sent encrypted.
> >
> > may be, you all right.
> > Squid gurus tells us... :)
>
> Yes. The one-the-wire digest authentication messages is considered
> cryptographically secure.
>
> Also not all browsers supports digest authentication yet, but most do.

Oh really? I wish this were true. Unless netscape have had a sea-change of
opinion on this in the latest version none of their browsers support
digest authentication. It doesn't even appear in mozilla.

Please correct me if I am wrong. I would love to be.

=============================================================================
Graeme Wood Email: Graeme.Wood@ed.ac.uk
Unix Systems Support Phone: +44 131 650 5003
The University of Edinburgh Fax: +44 131 650 6552
=============================================================================
Received on Thu Nov 21 2002 - 09:50:13 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:28 MST